CVE-2026-56279
Capgo · Capgo
A missing authorization vulnerability in Capgo allows unauthenticated attackers to perform unauthorized actions via the get-orgs-v7 RPC endpoint.
Executive summary
A critical missing authorization flaw in Capgo allows unauthenticated attackers to access sensitive organizational data, posing a significant risk of information disclosure.
Vulnerability
This vulnerability is caused by a missing authorization check (CWE-862) on the get-orgs-v7 RPC endpoint. An unauthenticated attacker can exploit this to perform unauthorized actions against the application.
Business impact
The vulnerability carries a CVSS score of 7.5, reflecting a high risk of unauthorized data access. Successful exploitation could lead to the exposure of sensitive organizational information, potentially resulting in data breaches, loss of operational privacy, and reputational damage.
Remediation
Immediate Action: Update Capgo to version 12.128.2 or later to apply the necessary authorization controls.
Proactive Monitoring: Monitor RPC endpoint traffic for unusual request patterns or high volumes of unauthorized access attempts.
Compensating Controls: Implement strict network access controls (ACLs) to limit exposure of the RPC interface to trusted internal segments only.
Exploitation status
Public Exploit Available: No
Analyst recommendation
Given the high severity of this missing authorization vulnerability and the existence of a proof-of-concept, immediate remediation is required. Organizations utilizing Capgo must prioritize upgrading to version 12.128.2 or later to neutralize the risk of unauthorized data access.